We performed a comparison between Cortex XDR by Palo Alto Networks and Mandiant Advantage based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"The product is very easy to use."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The integration, visibility, vulnerability management, and device identification are valuable."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"I have found the ability to delete unwanted threats beneficial."
"The summarization of emails is a valuable feature."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The user interface of the solution is sophisticated and straightforward."
"The product has an intuitive dashboard."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"The product's most valuable features are massive user and feature intelligence exploit detection."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"The management and automation of the cloud apps have room for improvement."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The licensing is a nightmare and has room for improvement."
"At times, there may be delays in the execution of certain actions and their effects."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"Stability could be improved by avoiding frequent changes to the interface."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"The price could be a little lower."
"The playbooks could be improved to include more functionalities or actions."
"In general, the price could be more competitive."
"The solution should offer more dashboards and they should be better customized."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while Mandiant Advantage is ranked 20th in Extended Detection and Response (XDR) with 3 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Mandiant Advantage is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Fortinet FortiEDR, whereas Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Cymulate, Microsoft Defender External Attack Surface Management and ThreatConnect Threat Intelligence Platform (TIP). See our Cortex XDR by Palo Alto Networks vs. Mandiant Advantage report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.